A new cyberattack campaign has been identified that targets Microsoft Windows users by utilizing social engineering, multi-stage malware, and the modified Havoc Demon Agent to exploit trusted cloud services for malicious activities.
View full story…

E-commerce platforms are increasingly targeted by cyber threats such as SQL Injection, XSS, and DDoS attacks, necessitating robust security measures to protect sensitive data and maintain customer trust.
View full story…

The Trump administration’s dismissal of Russian cyber threats contrasts sharply with the Biden administration’s acknowledgment of Russia as a significant global cyber threat, raising concerns about national security and international relations.
View full story…

Ransomware groups, including Scattered Spider and LockBit, are exploiting critical vulnerabilities in the BioNTdrv.sys driver of Paragon Partition Manager, allowing for privilege escalation and arbitrary code execution on Windows systems.
View full story…

A wave of sophisticated cyber-attacks, primarily affecting North America and linked to the Black Basta ransomware group, utilizes social engineering tactics and infostealer malware to gain unauthorized access to systems and exfiltrate sensitive data.
View full story…

Australia’s Department of Home Affairs has prohibited the use of Kaspersky Lab products on official systems due to national security risks associated with potential foreign interference and espionage, aligning with similar actions taken by other Western nations.
View full story…

Cyber threat actors are increasingly exploiting both new and long-standing vulnerabilities, including those in home internet routers, to conduct large-scale cyberattacks, highlighting the urgent need for organizations to adapt their cybersecurity strategies.
View full story…

Chia, a 39-year-old cybercriminal associated with the DESORDEN Group, was arrested in Bangkok after being linked to over 90 hacking cases and the theft of more than 13 terabytes of sensitive data across multiple countries.
View full story…

February 2025 saw significant mergers and acquisitions in the cybersecurity sector, including Sophos’s $859 million acquisition of Secureworks and SolarWinds’ $4.4 billion buyout by Turn/River Capital, among other strategic deals aimed at enhancing security capabilities and market presence.
View full story…

In 2024, third-party cyber risks accounted for 31% of client claims and ransomware incidents contributed to 61% of all claims, highlighting the growing need for businesses to address vendor vulnerabilities and enhance cybersecurity measures.
View full story…

Chinese state-sponsored cyber operations have escalated sharply in 2024, with a 150% increase in attacks targeting critical infrastructure, driven by sophisticated tactics and the use of artificial intelligence.
View full story…

The Open Source Security Foundation has introduced the Open Source Project Security Baseline, a framework designed to establish minimum security standards for open source software and enhance project trustworthiness.
View full story…

The GhostSocks malware, a variant of Ghost ransomware, exploits long-standing vulnerabilities in various sectors globally, utilizing SOCKS5 for evasion and operating under a Malware-as-a-Service model.
View full story…